The present invention relates generally to improvements to secure information transfer. More particularly, the invention relates to an advantageous dual-access disk drive system for secure transfer of information between different entities.
Immense amounts of information need to be transferred daily. Much of this information must be transferred between different entities, such as corporations, which have no fiduciary relationship toward one another and which may be competitors that do not trust one another. Often a customer will need to transfer large amounts of information to a vendor, and the vendor will work with the information and transfer a finished product to the customer. The finished product may likewise be an information-intensive product whose value lies primarily in the information it contains. There is an ongoing need for convenient and rapid information transfer, which in many cases is best met by electronic transfer. This includes transfer of computer files, which are able to contain or represent many different types of information. Transferring information between computers in the form of computer files is one of the fastest and easiest ways to transfer large amounts of information.
Between two parts of the same organization, data transfer can be accomplished by implementing a computer network and connecting each part of the organization to that network. Transfer over a network does, however, involve a degree of complexity because of the need to implement network protocols for information transfer, which require application programs for their implementation. Data transfer between different organizations, such as business competitors, requires successful processing and transfer of the data, with additional complexity introduced because of the need to address security concerns.
In order to provide for convenient information access and transfer, many organizations have established computer networks, connecting a number of computers in their organization to one another or to a central server. Connecting computers to one another raises questions concerning security of confidential information, or integrity of supplied information, as well as the possibility of attempts to gain unauthorized access to control functions of the network. Network security can be preserved by controlling physical access to computers connected to the network, allowing access to connected computers only to authorized persons. Typically, and ideally for purposes of security, only persons employed by or loyal to the entity owning the network are allowed access to the network. Security concerns arise when it is desired to transfer information to an outside person or entity separate from, and having no loyalty to, the entity owning the network. The outside entity may similarly have legitimate concerns about allowing access to its network or computers.
It is possible to provide data security through encryption, but this adds complexity to the data transfer process, and flaws may exist in the particular encryption scheme chosen, allowing compromise of the data. It is also possible to transfer information through physical transfer of removable media, but this slows the process and increases inconvenience. Moreover, it may be advantageous for two computer systems or networks to directly exchange information rapidly under automated control with little or no human intervention. Reliance on transfer of removable media is incompatible with such direct exchange of information.
There exists, therefore, a need in the art for a high-speed, large-volume data exchange mechanism, providing physical isolation between computer systems controlled by different entities, which can be implemented with a minimum of complexity in data handling and transfer.
A data transfer system and method according to the present invention employs a dual-access disk drive adapted to allow simultaneous access by two or more different computers. The disk drive is adapted to allow each computer write access to a portion of the disk and read access to the entire disk. Each computer connected to the disk drive is allowed write access to a separate portion of the disk. The disk serves as a repository of information. Each of the different computers writes information to the disk, the information being readable by the other of the different computers. It is thus possible for two separate computers to transfer information by depositing and retrieving the information in a jointly accessible location, without a need for either computer to have a direct connection or access to the other computer. This provides physical security to each computer, as each computer is physically isolated from the other computer. The disk is adapted to prevent conflicting access by the different computers, for example, attempts by different ones of the different computers to read or write the disk inappropriately. The data transfer is accomplished with a minimum of complexity, because the data is transferred through direct physical connection to the repository of information, without the need for complex networking protocols.
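The access policy summarized above can be modeled in a few lines. This is an added example, not part of the original text and not any actual drive firmware; the port names, the block counts, and the begin/commit write model used to represent prevention of conflicting access are assumptions made for illustration.

```python
class AccessDenied(Exception):
    """Raised when the drive refuses a request from a port."""


class DualAccessDisk:
    """Drive-side policy: every port reads all blocks, writes only its own region."""

    def __init__(self, n_blocks, write_regions):
        # write_regions maps a port name to the range of blocks it may write.
        claimed = [b for region in write_regions.values() for b in region]
        if len(claimed) != len(set(claimed)):
            raise ValueError("write regions must not overlap")
        if any(b < 0 or b >= n_blocks for b in claimed):
            raise ValueError("write region outside the disk")
        self.blocks = [b""] * n_blocks
        self.write_regions = write_regions
        self.writing = {}  # block -> (port, pending data) for writes in progress

    def begin_write(self, port, block, data):
        if block not in self.write_regions.get(port, ()):
            raise AccessDenied(f"{port} has no write access to block {block}")
        self.writing[block] = (port, data)

    def commit(self, port, block):
        owner, data = self.writing.get(block, (None, None))
        if owner != port:
            raise AccessDenied(f"{port} has no write in progress on block {block}")
        self.blocks[block] = data
        del self.writing[block]

    def read(self, port, block):
        if port not in self.write_regions:
            raise AccessDenied(f"unknown port {port}")
        if not 0 <= block < len(self.blocks):
            raise AccessDenied("block out of range")
        if block in self.writing:  # assumed conflict rule: no reads of a half-written block
            raise AccessDenied(f"block {block} is being written")
        return self.blocks[block]


def demo():
    # Constructed scenario: two ports, each owning half of an 8-block disk.
    disk = DualAccessDisk(8, {"customer": range(0, 4), "vendor": range(4, 8)})
    disk.begin_write("customer", 0, b"design files")
    disk.commit("customer", 0)
    received = disk.read("vendor", 0)  # vendor retrieves the deposit
    try:
        disk.begin_write("vendor", 0, b"overwrite")  # outside the vendor's region
        refused = False
    except AccessDenied:
        refused = True
    return received, refused, disk.read("customer", 0)
```

The check lives in the shared drive rather than in either computer, so neither side has to trust the other's software to keep its deposited data intact.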
A more complete understanding of the present invention, as well as further features and advantages of the invention, will be apparent from the following Detailed Description and the accompanying drawings.